The business models of social networks could rely on an ignorance towards privacy from their users, experts say. But recent research indicates normal Facebook users have begun altering their privacy settings to control the information people (and potentially advertisers) can see, which could affect the ability of social networks to make money.

As social networks like Facebook and LinkedIn strive to formulate sustainable business models built upon advertising or the selling of premium services, the biggest hurdle they face might rest within their users' increased awareness of online privacy.

The common assumption that social networking users don't care about privacy is misguided. The majority of people who use social networks (nearly 60 percent or more) have already modified their privacy settings, according to two separate research studies from the Pew Internet & American Life Project and School of Information and Library Science. Furthermore, privacy experts warn that an unfortunate (but perhaps inevitable) security breach that exposes user data over social networks in the coming years could cause a privacy tipping point in which users push back in a more substantive and widespread way.

"Privacy will become more important when the information is used for more nefarious reasons, like for stealing your identity," says Larry Ponemon, president of the Ponemon Institute, a privacy research firm.

For their part, executives at major social networking sites and their advertisers argue that a culture of greater openness on the Web will prevail. They also say increased user attention to privacy could actually be advantageous to their business: If people feel comfortable with who can see their Facebook profile, for instance, they are more likely to be honest with the information they contribute to the network, which helps in serving up relevant ads that people might click on.

"As people incorporate more openness into their lives, over time we can allow for that evolution with them," says
Chris Kelly, Facebook's chief privacy officer. "There's a greater authenticity to their interactions online if they know who they are signaling their interests and activities to."

Social networking and online advertising experts like to analyze the fallout of the Beacon Advertising incident back in November 2007. This was the main idea behind Beacon: If a Facebook user bought an item from a third-party website participating in the Beacon ad program, that transaction would be published to their friends' Facebook newsfeeds, the main content stream that runs down the center of their home pages. (For example, "Your friend John Smith just bought two tickets to the new Batman move from Fandango.com.")

"I don't think [privacy] has been a widespread concern for advertisers," says Hussein Fazal, CEO of Adparlor.com, which helps companies serve up on ads on top of social networks. "For now, there's only a small percentage of people who really care about that stuff."

The research also indicates that their attention to privacy controls increases with their time on the service. During their first six months on Facebook, only 40 percent of students said they modified their privacy settings. After one year, that number jumped to nearly 80 percent.

Although Joe Social Networker might not pay close attention to "inside baseball" incidents like Beacon, they do notice general trends in the media, says Fred Stutzman, a social networking researcher at UNC. "Each individual incident is too abstract for most users, but they do sense an accumulation of all these things," he says.